An attack on paypal --> secure UI for browsers
Rich Salz
rsalz at datapower.com
Tue Jun 10 09:42:57 EDT 2003
> For example, a proposal I saw recently which
> would have the OS decorate the borders of "trusted" windows with facts or
> images that an attacker wouldn't be able to predict: the name of your
> dog, or whatever.
But if the system is rooted, then the attacker merely has to find the
"today's secret word" entry in the registry and do the same thing.
Unless Windows is planning on getting real kernel-level kinds of protection.
> It was none other than Microsoft's NGSCB, nee Palladium. See
> http://news.com.com/2100-1012_3-1000584.html?tag=fd_top:
See previous sentence. :)
/r$
--
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list